File CVE-2022-22815.patch of Package python3-Pillow

diff --git a/Tests/test_imagepath.py b/Tests/test_imagepath.py
index 0835fdb4361..b18271cc5a1 100644
--- a/Tests/test_imagepath.py
+++ b/Tests/test_imagepath.py
@@ -90,6 +90,8 @@ def test_path_odd_number_of_coordinates():
     [
         ([0, 1, 2, 3], (0.0, 1.0, 2.0, 3.0)),
         ([3, 2, 1, 0], (1.0, 0.0, 3.0, 2.0)),
+        (0, (0.0, 0.0, 0.0, 0.0)),
+        (1, (0.0, 0.0, 0.0, 0.0)),
     ],
 )
 def test_getbbox(coords, expected):
diff --git a/src/path.c b/src/path.c
index 4764c58aa04..dea274ee336 100644
--- a/src/path.c
+++ b/src/path.c
@@ -57,7 +57,7 @@ alloc_array(Py_ssize_t count) {
     if ((unsigned long long)count > (SIZE_MAX / (2 * sizeof(double))) - 1) {
         return ImagingError_MemoryError();
     }
-    xy = malloc(2 * count * sizeof(double) + 1);
+    xy = calloc(2 * count * sizeof(double) + 1, sizeof(double));
     if (!xy) {
         ImagingError_MemoryError();
     }
@@ -327,21 +327,26 @@ path_getbbox(PyPathObject *self, PyObject *args) {
 
     xy = self->xy;
 
-    x0 = x1 = xy[0];
-    y0 = y1 = xy[1];
+    if (self->count == 0) {
+        x0 = x1 = 0;
+        y0 = y1 = 0;
+    } else {
+        x0 = x1 = xy[0];
+        y0 = y1 = xy[1];
 
-    for (i = 1; i < self->count; i++) {
-        if (xy[i + i] < x0) {
-            x0 = xy[i + i];
-        }
-        if (xy[i + i] > x1) {
-            x1 = xy[i + i];
-        }
-        if (xy[i + i + 1] < y0) {
-            y0 = xy[i + i + 1];
-        }
-        if (xy[i + i + 1] > y1) {
-            y1 = xy[i + i + 1];
+        for (i = 1; i < self->count; i++) {
+            if (xy[i + i] < x0) {
+                x0 = xy[i + i];
+            }
+            if (xy[i + i] > x1) {
+                x1 = xy[i + i];
+            }
+            if (xy[i + i + 1] < y0) {
+                y0 = xy[i + i + 1];
+            }
+            if (xy[i + i + 1] > y1) {
+                y1 = xy[i + i + 1];
+            }
         }
     }